Legal
Data protection
Operational records
OneFarmTech keeps operational records for orders, payments, receipts, buyer support, supplier coordination, delivery evidence, complaints and account activity.
Access control
Access to internal records should be limited to authorised team members who need the information to serve buyers, suppliers, delivery partners and support workflows.
Access codes and account data
Buyer access codes, partner access codes, payment references and account information should not be shared publicly or stored in unsecured channels. Codes should be reset or revoked where compromise is suspected.
Third-party tools
Where third-party tools are used for payments, communication, hosting, analytics or operations, they should be reviewed for security, privacy, reliability and operational fit.
Incident handling
Suspected data incidents should be reviewed promptly, access should be restricted where necessary, and affected records or users should be handled according to the seriousness of the issue.
